CVE-2022-36293

EPSS 2.28%
Veröffentlicht 16.08.2022 08:15:09
Zuletzt bearbeitet 21.11.2024 07:12:43
Quelle vultures@jpcert.or.jp
CVE-Watchlists
Login
Unerledigt
Login

Buffer overflow vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary code via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Nintendo ≫ Wi-fi Network Adaptor Wap 001 Firmware

Nintendo ≫ Wi-fi Network Adaptor Wap 001 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.28%	0.84

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://jvn.jp/en/jp/JVN17625382/index.html

Third Party Advisory

https://www.nintendo.co.jp/support/information/2022/0720.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-36293

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-36293

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-36293

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-36293